December is the time of year organizations take stock of business goals, performance and opportunities for growth. It’s also an ideal time for IT teams to review their cybersecurity performance and apparatus, with a view towards improving security by increasing their prevention posture, responding to trends in the threat landscape, and allocating remaining budgets towards these efforts.
For context, cyberattacks increased globally yet again in 2022, up 28% in the third quarter compared to the same period in 2021; however, the upward trend seems to have plateaued compared to the consistent sharp rises of 2021 – a positive sign that the cybersecurity efforts of governments and enterprises are holding ground.
In the domain name, DNS and SSL management space, many organizations have yet to implement powerful, cost-effective security features that are the backbone of a defensive security strategy – for example, locks on core brand domain names, automated monitoring for infringing and lookalike domains, DNSSEC and more.
As we look towards a new year, we recommend that IT teams assess their exposure to domain, DNS and SSL risks by reviewing the following top-line threats and implementing recommended mitigation measures if not already in place.
Threat Assessment & Recommended Actions
Threat: Expired SSL Certificates
Expired SSL certificates can damage customer trust in an organization, create security blind spots, and inflict service outages that damage both revenue and reputation.
Solution: SSL Monitoring
It’s common for larger organizations to have many different SSL/TLS certificates in play across external and internal web properties – in these situations, SSL Monitoring actively tracks the validity of your organization’s certificates in one central repository. SSL Monitoring validates your SSL installation and alerts you if there is any interruption in HTTPS status by keeping tabs on a number of different parameters. Together with our Advanced SSL Management tools, SSL Monitoring helps streamline and risk-proof your IT infrastructure.
Other SSL Management Resources
- SSL Certificate Monitoring Service: Automated Alerts for SSL Installation & Configuration
- 6 Key Questions About Corporate SSL Certificate Management, Answered
Threat: Infringing Domain Registrations
Infringing or impersonation domain registrations leverage the trust embodied in a brand to carry out phishing attacks and other forms of brand abuse. They take many forms, including names that incorporate your brands, homoglyph substitutions and close misspellings, among other tactics.
Solution: Domain Monitoring
Protecting brands on the internet is critical, challenging and a perpetual endeavor. Domain monitoring helps organizations minimize the damage of infringing domain registrations by detecting them fast, enabling preparedness and fast action against phishing, cybersquatting, e-commerce fraud and other forms of brand abuse.
Learn More About Domain Monitoring
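As an added illustration (not Webnames' own tooling), the sketch below shows the kind of matching a domain monitor can run over a feed of newly registered names to catch the homoglyph, misspelling and brand-containing registrations described above. The brand `examplebank`, the feed, the category names and the small confusables map are all constructed for the example.

```python
import unicodedata

# Constructed, partial map of look-alike characters (digits, Cyrillic) to ASCII.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "\u0430": "a",
               "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c"}

def skeleton(label):
    """Decode punycode, strip accents and fold confusable characters."""
    if label.startswith("xn--"):
        try:
            label = label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed punycode: compare the raw label instead
    label = unicodedata.normalize("NFKD", label.lower())
    label = "".join(c for c in label if not unicodedata.combining(c))
    return "".join(CONFUSABLES.get(c, c) for c in label).replace("rn", "m")

def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify(domain, brand, owned=()):
    """Say why a registered domain resembles `brand`, or return None."""
    domain = domain.lower().rstrip(".")
    if domain in owned:
        return None
    label = domain.split(".")[0]
    skel, target = skeleton(label), skeleton(brand)
    if skel == target:
        return "other-tld" if label == brand else "homoglyph"
    if edit_distance(skel, target) <= 1:
        return "typo"
    return "contains-brand" if target in skel else None

# Constructed feed of newly registered domains; "examplebank" is a made-up brand.
FEED = ["examplebank.com", "examp1ebank.com", "ex\u0430mplebank.com",
        "exmaplebank.net", "examplebank-login.com", "examplebank.co",
        "gardenbank.org"]

def triage(feed, brand="examplebank", owned=("examplebank.com",)):
    return {d: r for d in feed if (r := classify(d, brand, owned))}
```

A distance threshold of 1 suits longer brand names; for very short brands it produces many false positives and the exact-skeleton match is the more useful signal.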
Threat: Expired Domain Names
Expired domain names are hot commodities for cyber criminals and pose huge security risks for organizations. There is no shortage of ways to nefariously use expired domain names against organizations and unsuspecting end users – imposter websites, malvertising, phishing, business email compromise, account takeovers and exploiting website scripts are just the tip of the iceberg.
Solution: Long-term registrations and renewal
Corporate domain names typically carry a footprint of activity that can be leveraged as an attack vector if they are left to expire. For these domains, retaining them even if there is no longer a use case can sometimes be the best course of action. An enterprise registrar like Webnames Corporate can help an organization right-size its portfolio to strike a balance between protection and budget, as well as put latent domains to use by securely forwarding them with HTTPS to other properties.
- Scammers snatch up expired domains, vexing Google
- Anxious About Accidental Domain Expiry? Utilize Expiry Protection on Key Domains
Threat: DNS hijacking
DNS hijacking, or DNS redirection, is a cyberattack in which DNS queries are manipulated in order to redirect users to malicious sites.
The attacks most commonly target government, telecom, and internet service providers globally. If the attacker is thorough enough when creating their dummy site, it can be very difficult for even highly technical users to spot the difference.
Solution: DNSSEC, plus Domain and Account Locks
DNSSEC prevents malicious cache poisoning, pharming, and man-in-the-middle attacks by attaching a digital signature to your DNS information that cryptographically guarantees the response to a DNS query has not been altered or spoofed.
DNSSEC is available with Premium DNS and included for free in the Domain Premium Bundle. When DNSSEC is used with security mechanisms like Account or Registry Lock, an organization’s DNS can be considered exceptionally secure.
Did you know …
The top five DNS-based attacks experienced by organizations are: phishing (51%), malware (43%), DDoS (30%), DNS tunneling (28%) and hijacking/credential attack (28%).*
Source: EfficientIP 2022 Global DNS Threat Report
Threat: Email Spoofing and Phishing
Spoofing of organization emails for phishing and cybercrime has increased tenfold since 2020, motivating the broader adoption of email security measures such as DMARC.
Solution: DMARC
DMARC is an email validation protocol that protects an organization’s outbound email from being used for email spoofing and phishing scams by bad actors. DMARC is implemented by ensuring SPF and DKIM records are configured and published in your DNS zone and that all sources of legitimate outbound mail are accounted for in your SPF record.
Did you know …
Over the course of 2021 the number of valid DMARC policies observed in use rose by 84%, to a total of nearly 5 million unique records, compared to 2020.
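To make the SPF, DKIM and DMARC configuration described above concrete, here is an added example (not Webnames' code) that audits a zone's published TXT records for the common gaps that leave a domain spoofable. The domain `example.com`, the selector `s1`, the record contents and the finding strings are constructed; in practice the `txt` mapping would be filled from DNS lookups.

```python
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists"}  # each costs a DNS lookup

def tags(record):
    """Parse a 'k=v; k=v' record (DMARC, DKIM) into a dict."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit(domain, txt, selectors=()):
    """Return findings for `domain`; `txt` maps DNS names to TXT strings."""
    out = []
    spf = [r for r in txt.get(domain, []) if r.lower().startswith("v=spf1")]
    if len(spf) != 1:
        out.append(f"spf: {len(spf)} records, exactly one is required")
    else:
        terms = spf[0].lower().split()[1:]
        names = [t.lstrip("+-~?").split(":")[0].split("/")[0] for t in terms]
        if sum(n in LOOKUP_TERMS or n.startswith("redirect=") for n in names) > 10:
            out.append("spf: more than 10 DNS-lookup terms")
        if "all" in terms or "+all" in terms:
            out.append("spf: +all lets any host pass")
        elif "all" not in names and not any(n.startswith("redirect=") for n in names):
            out.append("spf: no terminating all or redirect")
    for sel in selectors:  # DKIM selectors used by your legitimate mail sources
        key = tags(";".join(txt.get(f"{sel}._domainkey.{domain}", [])))
        if not key.get("p"):
            out.append(f"dkim: selector {sel} has no public key")
    dmarc = [tags(r) for r in txt.get("_dmarc." + domain, [])
             if r.lower().startswith("v=dmarc1")]
    if len(dmarc) != 1:
        out.append(f"dmarc: {len(dmarc)} records, exactly one is required")
    else:
        policy = dmarc[0].get("p", "").lower()
        if policy not in ("quarantine", "reject"):
            out.append(f"dmarc: p={policy or 'missing'} does not act on failures")
        if dmarc[0].get("pct", "100") != "100":
            out.append("dmarc: pct below 100 applies the policy to a sample only")
        if "rua" not in dmarc[0]:
            out.append("dmarc: no rua address, so no aggregate reports")
    return out

# Constructed TXT data for the made-up domain example.com.
WEAK = {"example.com": ["v=spf1 include:_spf.mailer.example +all"],
        "_dmarc.example.com": ["v=DMARC1; p=none"]}
HARDENED = {"example.com": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all"],
            "s1._domainkey.example.com": ["v=DKIM1; k=rsa; p=MIIBconstructedkey"],
            "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"]}
```

`audit("example.com", WEAK, ["s1"])` reports the permissive SPF, the missing DKIM key and the monitor-only DMARC policy, while the hardened zone returns no findings.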
We’re always here to help
If you would like to discuss any of the above recommendations, require assistance implementing a specific security feature, or want to schedule an end-of-year security review of your domain name and SSL portfolio, our experts are ready to talk when you are.